Bob,
>I do not understand your question. What file. This combination cannot be
>used with verify, it is a Diffie-Hellmann encryption certificate. A better
>choice, if you have no preference is to use one of the DSA logins (I do not
>demonstrate any DSA logins in this manner). The before-mentioned RSA
>certificate will work. The following file combination will also work:
With "ElmerDsa.out ElmerDsaX_8.dat ElmoRocks", the file
.\test\specMatrix.d\CMS_Examples.d\11.4.bin
seems to be verified, as the following shows :
****************************
CSM_MsgToVerify::ReportMsgData(ostream &os)
CSM_MsgSignerInfos::ReportMsgData(ostream &os)
Number 1 signer info WAS VERIFIED.
CSM_MsgSignerInfo::ReportMsgData(ostream &os)
CSM_RecipientIdentifier::Report(IssuerAndSerialNumber)
Issuer = C=US@O=US Government@OU=VDA Site@CN=CarlCA
Serial Number = 5c010192
digestAlgorithm OID=1.3.14.3.2.26
signatureAlgorithm OID=1.2.840.10040.4.1
Signed Attributes: #### CSM_MsgAttributes::Report(ostream &os)
#################### ATTRIBUTE (1, 1) ::::
contentType=1.2.840.113549.1.7.1
#################### ATTRIBUTE (1, 2) ::::
messageDigest=406affffffec85279ffffffba6e1622dffffff9e629ffffffc022ffffff9
6ffffff87ffffffdd48 HEX
#################### ATTRIBUTE (1, 3) ::::
securityLabel=
security_policy_identifier=1.2.3.4.5.6.7.8
security_classification=1
pMark=THIS IS A PRIVACY MARK TEST
security_categories=type=1.2.3.4.5.6.7.888
1325424f422054484953204953204120544553542053454355524954592d4341544547
4f52592e HEX
#################### ATTRIBUTE (1, 4) ::::
equivalentLabels=
Label=
security_policy_identifier=1.2.3.4.5.6.7.8
security_classification=1
pMark=BOB THIS IS A PRIVACY MARK TEST
security_categories=type=1.2.3.4.5.6.7.888
1325424f422054484953204953204120544553542053454355524954592d4341544547
4f52592e HEX
Label=
security_policy_identifier=1.2.3.4.5.6.7.9
security_classification=1
pMark=BOB THIS IS A SECOND PRIVACY MARK TEST
security_categories=type=1.2.3.4.5.6.7.888
1325424f422054484953204953204120544553542053454355524954592d4341544547
4f52592e HEX
****************************
Do you think it's correct ?
On the other side, with "DSAFreeGroup1User2.out dsaFreeGroup1_User2X_8.dat
ElmoRocks",
the file you send isn't verified :(
****************************
CSM_MsgToVerify::ReportMsgData(ostream &os)
CSM_MsgSignerInfos::ReportMsgData(ostream &os)
No SignerInfos were present or verified.
****************************
Am I still wrong ?
>An alternative example for using the CSM_MsgToVerify class exists in a
>utility we do not presently deliver in the SFL release: report_tool. This
>utility will take any command line listed file, address book, login config
>file (our existing file will work fine, I can create 1 for you specifically
>for the free3 CTIL) and dump the SignedData, verify the result and report
>its findings. The login is the only config file used. You are welcome to
>this source code and project if you are interested (it has not been tested
>on Unix, but should build easily).
Thanks, please send me the package privately, since it may be too big for the
list.
Regards.